558 int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len,  in decode_ntlmssp_challenge()  argument
566 	if (blob_len < sizeof(CHALLENGE_MESSAGE)) {  in decode_ntlmssp_challenge()
567 		cifs_dbg(VFS, "challenge blob len %d too small\n", blob_len);  in decode_ntlmssp_challenge()
590 	if (tioffset > blob_len || tioffset + tilen > blob_len) {  in decode_ntlmssp_challenge()
1299 	u16 blob_len;  in sess_auth_kerberos()  local
1386 	blob_len = le16_to_cpu(pSMB->resp.SecurityBlobLength);  in sess_auth_kerberos()
1387 	if (blob_len > bytes_remaining) {  in sess_auth_kerberos()
1389 				blob_len);  in sess_auth_kerberos()
1393 	bcc_ptr += blob_len;  in sess_auth_kerberos()
1394 	bytes_remaining -= blob_len;  in sess_auth_kerberos()
1476 	u16 blob_len;  in sess_auth_rawntlmssp_negotiate()  local
1536 	blob_len = le16_to_cpu(pSMB->resp.SecurityBlobLength);  in sess_auth_rawntlmssp_negotiate()
1537 	if (blob_len > bytes_remaining) {  in sess_auth_rawntlmssp_negotiate()
1539 				blob_len);  in sess_auth_rawntlmssp_negotiate()
1544 	rc = decode_ntlmssp_challenge(bcc_ptr, blob_len, ses);  in sess_auth_rawntlmssp_negotiate()
1573 	u16 blob_len;  in sess_auth_rawntlmssp_authenticate()  local
1586 					&blob_len, ses, sess_data->nls_cp);  in sess_auth_rawntlmssp_authenticate()
1589 	sess_data->iov[1].iov_len = blob_len;  in sess_auth_rawntlmssp_authenticate()
1591 	pSMB->req.SecurityBlobLength = cpu_to_le16(blob_len);  in sess_auth_rawntlmssp_authenticate()
1625 	blob_len = le16_to_cpu(pSMB->resp.SecurityBlobLength);  in sess_auth_rawntlmssp_authenticate()
1626 	if (blob_len > bytes_remaining) {  in sess_auth_rawntlmssp_authenticate()
1628 				blob_len);  in sess_auth_rawntlmssp_authenticate()
1632 	bcc_ptr += blob_len;  in sess_auth_rawntlmssp_authenticate()
1633 	bytes_remaining -= blob_len;  in sess_auth_rawntlmssp_authenticate()